1 |
|
2 |
http://svn.apache.org/viewvc?view=revision&revision=1381035 |
3 |
|
4 |
--- java/org/apache/catalina/realm/RealmBase.java 2011-11-28 11:22:45.000000000 +0100 |
5 |
+++ java/org/apache/catalina/realm/RealmBase.java.oden 2012-12-31 11:18:37.409618760 +0100 |
6 |
@@ -45,7 +45,6 @@ import org.apache.catalina.Realm; |
7 |
import org.apache.catalina.connector.Request; |
8 |
import org.apache.catalina.connector.Response; |
9 |
import org.apache.catalina.core.ContainerBase; |
10 |
-import org.apache.catalina.deploy.LoginConfig; |
11 |
import org.apache.catalina.deploy.SecurityConstraint; |
12 |
import org.apache.catalina.deploy.SecurityCollection; |
13 |
import org.apache.catalina.util.HexUtils; |
14 |
@@ -734,31 +733,6 @@ public abstract class RealmBase |
15 |
if (constraints == null || constraints.length == 0) |
16 |
return (true); |
17 |
|
18 |
- // Specifically allow access to the form login and form error pages |
19 |
- // and the "j_security_check" action |
20 |
- LoginConfig config = context.getLoginConfig(); |
21 |
- if ((config != null) && |
22 |
- (Constants.FORM_METHOD.equals(config.getAuthMethod()))) { |
23 |
- String requestURI = request.getRequestPathMB().toString(); |
24 |
- String loginPage = config.getLoginPage(); |
25 |
- if (loginPage.equals(requestURI)) { |
26 |
- if (log.isDebugEnabled()) |
27 |
- log.debug(" Allow access to login page " + loginPage); |
28 |
- return (true); |
29 |
- } |
30 |
- String errorPage = config.getErrorPage(); |
31 |
- if (errorPage.equals(requestURI)) { |
32 |
- if (log.isDebugEnabled()) |
33 |
- log.debug(" Allow access to error page " + errorPage); |
34 |
- return (true); |
35 |
- } |
36 |
- if (requestURI.endsWith(Constants.FORM_ACTION)) { |
37 |
- if (log.isDebugEnabled()) |
38 |
- log.debug(" Allow access to username/password submission"); |
39 |
- return (true); |
40 |
- } |
41 |
- } |
42 |
- |
43 |
// Which user principal have we already authenticated? |
44 |
Principal principal = request.getPrincipal(); |
45 |
boolean status = false; |